b"United States Department of Agriculture\nOffice of Inspector General\n\n\n\n\nAnalysis of Supplemental Nutrition\nAssistance Program (SNAP)\nAnti-Fraud Locator EBT Retailer\nTransactions (ALERT) Database\n\n\n\n\n                                          Audit Report 27002-0001-DA\n                                          November 2011\n\x0c\x0c                            United States Department of Agriculture\n                                   Office of Inspector General\n                                     Washington, D.C. 20250\n\n\n\n\nDATE:         November 22, 2011\n\nAUDIT\nNUMBER:       27002-0001-DA\n\nTO:           Audrey Rowe\n              Administrator\n              Food and Nutrition Service\n\nATTN:         Mark Porter\n              Acting Director\n              Office of Internal Control, Audits and Investigations\n\nFROM:         Gil H. Harden\n              Assistant Inspector General for Audit\n\nSUBJECT:      Analysis of Supplemental Nutrition Assistance Program (SNAP)\n              Anti-Fraud Locator EBT Retailer Transactions (ALERT) Database\n\n\nThe report presents the results of our audit of the Anti-Fraud Locator EBT (electronic benefits\ntransfer) Retailer Transactions (ALERT) database. The response from the Food and Nutrition Service\n(FNS) is included in its entirety in an exhibit in this report.\n\nWe appreciate the courtesies and cooperation extended to us by members of your staff during our audit\nfieldwork and subsequent discussions.\n\nAttachment\n\ncc: (w/attachment)\nDirector, Planning and Accountability Division, OCFO\n\x0c\x0cTable of Contents\n\nExecutive Summary .................................................................................................1\nBackground & Objectives .......................................................................................3\nBackground...............................................................................................................3\nObjectives ..................................................................................................................3\nSection 1: ALERT File Control Management Needs Strengthening .................4\n   Finding 1: FNS needs documented procedures for its file control\n   management ..........................................................................................................4\n         Recommendation 1 ........................................................................................5\n         Recommendation 2 ........................................................................................5\nScope and Methodology...........................................................................................7\nAbbreviations ...........................................................................................................8\nAgency\xe2\x80\x99s Response ...................................................................................................9\n\x0c\x0cAnalysis of Supplemental Nutrition Assistance Program ALERT\nDatabase \xe2\x80\x93 27002-0001-DA\n\nExecutive Summary\n\nIn order to fulfill the Department of Agriculture\xe2\x80\x99s mission to form a national safety net against\nhunger, the Supplemental Nutrition Assistance Program (SNAP), formerly called the Food Stamp\nProgram, provides monthly food assistance and nutrition for low-income individuals. The Food and\nNutrition Service (FNS) administers SNAP through a Federal-State partnership in which the Federal\nGovernment pays the full cost of recipient benefits and shares the cost of administering the program\nwith the States. To search for signs of fraud, waste, and abuse within the program, FNS tracks\nSNAP recipient transactions, or electronic benefits transfer (EBT) transactions, using the Anti-\nFraud Locator EBT Retailer Transactions (ALERT) system. In order to determine which States\nmight be at high-risk for fraud, we requested complete EBT transaction files used to populate\nFNS\xe2\x80\x99 ALERT system for all 53 States and territories from August 2009 to April 2011. When we\nreceived the files, we found that while most files were present, they were incomplete and\ndisorganized.\n\nSpecifically, of the 19,345 files from 53 States and territories, FNS was unaware that 75 files\nfrom 18 States were missing. We also found duplicate files, and different files with the same\nnames. This occurred because although FNS backs up its EBT transaction files regularly, the\nagency did not have processes in place to check for missing data or to consistently manage\nmultiple versions of files. Because of this, gathering all the files took almost three months.\nAfter working with FNS, we noted that FNS has already begun to address weaknesses in its\narchival process; with strengthened controls, FNS can further improve its backup data\nmanagement. FNS\xe2\x80\x99 archive files are used to repopulate the ALERT database in emergency\nsituations and are used for investigation and audit purposes; it is therefore crucial that the data\nthey contain are accessible at all times.\n\nRecommendation Summary\nIn this report, we issued two recommendations to strengthen controls. We recommended that\nFNS establish documented procedures to comprehensively check for missing files prior to\narchival, and establish standard naming and organization conventions to differentiate the most\nrecent and accurate data.\n\nAgency Response\nFNS concurs with the recommendations and has begun taking steps to strengthen system\ncontrols. By June 30, 2012, FNS plans to complete ALERT system redesigns, system upgrades,\ndata storage and archival processes documentation, and establish a process for standardized file\nnaming.\n\n\n\n\n                                                                 AUDIT REPORT 27002-0001-DA           1\n\x0cOIG Position\n\nWe concur with the agency\xe2\x80\x99s response and have reached management decision for the two\nrecommendations in this report.\n\n\n\n\n2    AUDIT REPORT 27002-0001-DA\n\x0cBackground & Objectives\n\nBackground\nIn order to fulfill the Department of Agriculture\xe2\x80\x99s mission to provide a national safety net against\nhunger, the Supplemental Nutrition Assistance Program (SNAP), formerly called the Food\nStamp Program, provides monthly food assistance and nutrition for low-income individuals.\nSNAP helps low-income families buy nutritious foods by providing them with benefits that can\nbe redeemed at FNS-authorized stores.1 The Food and Nutrition Service (FNS) administers\nSNAP through a Federal-State partnership in which the Federal Government pays the full cost of\nrecipient benefits and shares the cost of administering the program with the States.\n\nFNS replaced paper benefits with EBT cards, which recipients use like bank cards to purchase\nfood. Each State hires a contractor, or EBT processor, to process and store EBT transactions.\nEach time an EBT card is used, EBT processors store transactional data within their system.\nBefore authorizing a transaction, the EBT processor\xe2\x80\x99s system verifies that benefits are available\nand deducts the benefits from the recipient\xe2\x80\x99s account for each completed transaction.\n\nIn order to ensure that critical fraud-detection data are reliable and available, Federal regulation\nrequires that State agencies maintain issuance, inventory, reconciliation, and other accountability\nrecords for a period of 3 years, though this period may be extended at the written request of\nFNS.2 The State often delegates this responsibility to the EBT processors. EBT processors store\ntransaction information\xe2\x80\x94such as the store\xe2\x80\x99s identification number, the store\xe2\x80\x99s location, and sales\ndata\xe2\x80\x94in EBT transaction files and transfer them to FNS on a monthly basis.3 FNS then inputs\nthese files into ALERT and archives the files to DVDs monthly.\n\nALERT includes processes that are used to analyze EBT transactions contained in the EBT\ntransaction files to uncover patterns indicative of fraud\xe2\x80\x94such as high volumes of transactions in\na short period of time. These processes are executed for each State. Once ALERT has searched\neach store for these patterns, ALERT assigns each store a score which reflects the likelihood that\nthe store is engaged in fraud, with those stores showing suspicious patterns ranking highest.\nFNS officials consider ALERT to be a highly valuable tool for identifying potential retailer\nfraud. FNS, State agencies, the Office of Inspector General (OIG), and other entities use ALERT to\nidentify potentially fraudulent activities committed by retailers and recipients.\n\nObjectives\nWe conducted this audit to review FNS\xe2\x80\x99 management of SNAP EBT transaction files and to\ndetermine if the SNAP EBT transaction files obtained from FNS were complete.\n\n1\n  \xe2\x80\x9cStores\xe2\x80\x9d and \xe2\x80\x9cretailers\xe2\x80\x9d include grocery stores, supermarkets, meal services, farmer\xe2\x80\x99s markets, etc. Although we\nuse the terms \xe2\x80\x9cstore\xe2\x80\x9d and \xe2\x80\x9cretailer\xe2\x80\x9d in this report, we extend this term to other types of organizations, such as\nwholesalers, meal services, and group living arrangements. As stated in 7 CFR \xc2\xa7 278.1(a), FNS approves retailers\nand stores for SNAP participation.\n2\n  7 C.F.R. \xc2\xa7272.1(f)\n3\n  7 C.F.R. \xc2\xa7274.4 (b)(2)\n\n                                                                          AUDIT REPORT 27002-0001-DA                 3\n\x0cSection 1: ALERT File Control Management Needs Strengthening\n\nFinding 1: FNS needs documented procedures for its file control management\nWe found that while FNS\xe2\x80\x99 data archival management system is largely successful in storing data\nfiles, files were occasionally missing, and were generally incomplete and disorganized. When\nworking with FNS to resolve this issue, we found that FNS had not implemented a system to\ncheck that all files were available during archival or to effectively manage duplicate files or file\nnames. Because FNS staff was unable to consistently organize, manage, or backup EBT files,\nwhen we requested a full set of EBT transaction files from FNS, it took the agency nearly three\nmonths to provide us with complete records. Quick, reliable access to archival files is necessary\nshould the ALERT system go down, or in cases of audits or investigations, when the data\nbecome critical in the search for fraud, waste, and abuse.\n\nUnder Office of Management and Budget (OMB) A-123, Federal agencies are required to have a\nclear, organized strategy with well-defined documentation processes that contain an audit trail\nand verifiable results, and specify document retention periods.4 Additional controls, such as\nchecks, should be designed to ensure that transactions are properly authorized and processed\naccurately, and that the data are valid and complete. To ensure secure, reliable records, FNS\xe2\x80\x99\ninternal policy states that the agency will archive files received from EBT processors onto DVDs\nand place them in an on-site file cabinet.5 The National Institute of Standards and Technology\n(NIST) also states that information system security policies should generally include\norganizational standards that specify uniform procedures and ensure the availability of resources\nthrough recovery and backups.6\n\nWe found that though FNS archived EBT transaction files at the required intervals, not all files\nwere located on the DVDs. For instance, when we requested the complete set of files for the\nyear\xe2\x80\x9419,345 files from 53 States and territories\xe2\x80\x94FNS was unaware that 75 files from 18 States\nwere not provided. FNS was able to provide 56 of the missing 75 files but was unable to locate\nthe remaining 19 files. OIG acknowledges that this is a low error rate; however, we also noted\nthat FNS could further improve its archival process by taking two relatively simple steps\xe2\x80\x94\nperforming manual checks to identify missing files and formalizing its naming and organization\nconventions.\n\nWe found that the primary cause of missing files is that FNS\xe2\x80\x99 data management system does not\ninform FNS of all missing files prior to archival and does not take additional measures, such as\nmanually verifying that all files are present. We found that manual checks remedy this problem.\nDuring three months of repeated OIG requests and manual checks, FNS showed continual\nprogress and was ultimately able to provide OIG with a complete set of EBT transaction files.\nIndependent of our review, FNS has taken steps to address additional backup issues. Recently,\n\n\n4\n  OMB Circular A-123, Management's Responsibility for Internal Control, December 2004, Section I.A.\n5\n  System Security Plan for Anti-Fraud Locator using EBT Retailer Transaction (ALERT) Application,\nMarch 9, 2011.\n6\n  NIST Special Publication 800-42, Guideline on Network Security Testing, October 2003, Section 3.11.\n\n4     AUDIT REPORT 27002-0001-DA\n\x0cFNS purchased a large external hard drive for easy access to files for future data requests and\nautomated various manual processes to reduce human error. We encourage FNS to also develop\nguidance for staff to check that all EBT transaction files are archived.\n\nAs we collected files, we determined that FNS\xe2\x80\x99 archival process could also be improved with the\nadoption of uniform naming conventions and organization standards. For example, FNS seemed\nunfamiliar with its backup organization system; for instance, FNS stated that it found missing\nfiles in a short-term backup system that had previously been unknown to them.7 We also found\nfiles from multiple States and days with the same name and size, but different creation dates.\nWe also noted that there were several files with incorrect or misleading names, making it\ndifficult to determine which files contained the correct information. This occurred because FNS\ndoes not have a system\xe2\x80\x94such as standard naming conventions or a specified location to store the\ncorrect files\xe2\x80\x94to differentiate the most recent and accurate data. While such an organization\nsystem or standards is not required, we believe that implementing a standard organization would\nhelp FNS ensure data integrity and maintain auditable records.\n\nOnce we identified these issues, we worked with FNS officials to formulate a plan to resolve\nthem. FNS agreed to document and modify its processes to ensure the integrity of its files, and\nstated that our file request helped the agency discover internal control areas needing\nimprovement. OIG acknowledges that FNS has already taken important steps towards\neliminating these problems, and recommends that the agency take the following additional steps\nto complete the process.\n\nRecommendation 1\nEstablish a documented procedure to comprehensively check for missing files prior to archival.\n\nAgency Response\nFNS concurred with this recommendation and plans to eliminate the identified problems by\nJune 30, 2012. FNS will complete ALERT system redesigns, which include system upgrades\nand data storage and archival processes documentation.\n\nOIG Position\nWe concur with the agency\xe2\x80\x99s response for the recommendation and have reached management\ndecision.\n\nRecommendation 2\nEstablish standard naming and organization conventions to differentiate the most recent and\naccurate data.\n\n\n\n7\n    The system short term backup is kept for a limited timeframe and should not be relied on as a primary backup.\n\n                                                                            AUDIT REPORT 27002-0001-DA              5\n\x0cAgency Response\nFNS concurred with this recommendation. FNS will develop standard file naming conventions\nfor the ALERT file archiving process and improve EBT file management documentation during\nthe redesign of the ALERT system. FNS will complete the ALERT system redesign by\nJune 30, 2012.\n\nOIG Position\nWe concur with the agency\xe2\x80\x99s response for the recommendation and have reached management\ndecision.\n\n\n\n\n6    AUDIT REPORT 27002-0001-DA\n\x0cScope and Methodology\nOur review focused on obtaining all EBT transaction files used to populate ALERT from all 53\nStates and territories so we could analyze SNAP database data for anomalies and signs of fraud,\nwaste, and abuse. We conducted fieldwork at the FNS national office located in Alexandria,\nVirginia, from June 2010 through July 2011.\n\nWe selected the timeframe of August 1, 2009 to July 31, 2010 because, at the time of our audit, it\nwas the latest full year of information available. Because we had concerns regarding FNS\xe2\x80\x99\nmanagement of EBT transaction files, we expanded our scope to April 2011. To obtain and\nevaluate all EBT transaction files we:\n\n   \xc2\xb7   Reviewed public laws, FNS regulations, policies, procedures, and other controls\n       governing the administration of data used to populate ALERT;\n   \xc2\xb7   Reviewed reports that resulted from reviews relative to SNAP, Federal Manager\xe2\x80\x99s\n       Financial Integrity Report for fiscal year 2010, and Government Accountability Office\n       reports;\n   \xc2\xb7   Analyzed records, reports, correspondence, and other documents pertinent to ALERT;\n       and\n   \xc2\xb7   Interviewed officials from the FNS National office to identify controls for administering\n       ALERT and assess overall management of EBT transaction files.\n\nWe conducted this review in accordance with generally accepted government auditing standards.\nThose standards require that we plan and perform the audit to obtain sufficient, appropriate\nevidence to provide a reasonable basis for our findings and conclusions based on our audit\nobjectives. We believe that the evidence obtained provides a reasonable basis for our findings\nand conclusions based on our audit objectives.\n\n\n\n\n                                                              AUDIT REPORT 27002-0001-DA        7\n\x0cAbbreviations\n\nALERT ....................... Anti-Fraud Locator EBT Retailer Transactions\nEBT ............................. electronic benefits transfer\nFNS ...............................Food and Nutrition Service\nNIST............................ National Institute of Standards and Technology\nOMB ........................... Office of Management and Budget\nOIG ............................. Office of Inspector General\nSNAP .......................... Supplemental Nutrition Assistance Program\nUSDA.......................... Department of Agriculture\n\n\n\n\n8      AUDIT REPORT 27002-0001-DA\n\x0cAgency\xe2\x80\x99s Response\n\n\n\n\n                 USDA\xe2\x80\x99S\n      FOOD AND NUTRITION SERVICE\xe2\x80\x99S\n        RESPONSE TO AUDIT REPORT\n\n\n\n\n                        AUDIT REPORT 27002-0001-DA   9\n\x0cUnited States\nDepartment of\nAgriculture      DATE:         November 3, 2011\nFood and\nNutrition        AUDIT\nService          NUMBER:        27002-01-DA\n\n3101 Park        TO:            Gil H. Harden\nCenter Drive\nRoom 712                        Assistant Inspector General for Audit\nAlexandria, VA\n22302-1500       FROM:         Audrey Rowe /S/\n                               Administrator\n                               Food and Nutrition Service\n\n                 SUBJECT:      Analysis of Supplemental Nutrition Assistance Program ALERT Database\n\n\n                 This letter responds to the official draft report for audit report number 27002-01-DA,\n                 Analysis of Supplemental Nutrition Assistance Program ALERT Database. Specifically,\n                 the Food and Nutrition Service (FNS) is responding to the two recommendations within\n                 the report.\n\n                 OIG Recommendation 1:\n\n                 Establish a documented procedure to comprehensively check for missing files prior to\n                 archival.\n\n                 Food and Nutrition Service Response:\n\n                 FNS concurs with the stated recommendation and has already begun taking the necessary\n                 steps to eliminate the problems noted in the report. FNS is currently redesigning the\n                 ALERT system, which includes upgrades and documentation of the data storage and\n                 archival processes. This recommendation will be addressed with the delivery of the\n                 ALERT system, currently scheduled for June 2012.\n\n                 Estimated Completion Date: June 30, 2012\n\n                 OIG Recommendation 2:\n\n                 Establish standard naming and organization conventions to differentiate the most recent\n                 and accurate data.\n\n                 Food and Nutrition Service Response:\n\n                 FNS concurs with the stated recommendation and will continue the work already done\n                 towards developing a standard naming convention, process for archiving ALERT files and\n\x0c                                                                                  P age |2\n\n\nwill also improve how our file management system is documented. This recommendation\nwill be addressed with the delivery of the ALERT system, currently scheduled for June 2012.\n\nEstimated Completion Date: June 30, 2012\n\n\n\n\n                              AN EQUAL OPPORTUNITY EMPLOYER\n\x0cInformational copies of this report have been distributed to:\n\nGovernment Accountability Office (1)\n\nOffice of Management and Budget (1)\n\nOffice of the Chief Financial Officer (1)\n Director, Planning and Accountability Division\n\x0c\x0cTo learn more about OIG, visit our website at\nwww.usda.gov/oig/index.htm\nHow To Report Suspected Wrongdoing in USDA Programs\n\nFraud, Waste, and Abuse\nIn Washington, DC 202-690-1622\nOutside DC 800-424-9121\nTDD (Call Collect) 202-690-1202\n\nBribes or Gratuities\n202-720-7257 (Monday-Friday, 9:00a.m.- 3 p.m.               ED\n\n\n\n\nThe U.S. Department of Agriculture (USDA) prohibits discrimination in all of its programs and activities on the basis of race, color, national origin,\nage, disability, and where applicable, sex (including gender identity and expression), marital status, familial status, parental status, religion, sexual\norientation, political beliefs, genetic information, reprisal, or because all or part of an individual's income is derived from any public assistance program.\n(Not all prohibited bases apply to all programs.) Persons with disabilities who require alternative means for communication of program information\n(Braille, large print, audiotape, etc.) should contact USDA's TARGET Center at (202) 720-2600 (voice and TDD). USDA is an equal opportunity provider\nand employer.\n\x0c"